Information processing method and apparatus for securely sharing personalized information

ABSTRACT

There is disclosed an apparatus capable of suitably deleting information of, e.g., an operation environment that is personalized in a given apparatus and handled in another apparatus and remains in it, thereby improving the operability and security. An information processing apparatus receives personalized information set in another information processing apparatus and stores the personalized information. A user who requests access to the stored personalized information is authenticated. A user who has passed authentication can obtain an operation environment based on the personalized information. Upon logout of the user or after the elapse of a predetermined time after access, the stored personalized information is erased.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to an information processing method andapparatus for securely sharing personalized information.

2. Description of the Related Art

A current information processing apparatus (image processing apparatus)such as a digital multifunctional peripheral (MFP) has a number offunctions. Examples of the functions are copying, printing from apersonal computer (PC), mail send of documents scanned by a scanner, andstorage of scanned documents. A user often saves the information of highfrequently operation environments to improve the operability in usingthese functions of the image processing apparatus. For example, mailaddress tables and shortcuts of functions with high use frequency areformed.

However, a user does not always use only a specific image readingapparatus. In an environment where a user uses a plurality of imageprocessing apparatuses, the same information must be input to imageprocessing apparatuses to be frequently used.

In this method, however, since the same information must be set in eachof image processing apparatuses that require input, the operation isvery cumbersome.

An invention to solve this problem is disclosed in, e.g., JapanesePatent Laid-Open No. 2004-312302. According to this invention, intransmitting image data generated by reading a document image to aservice on the Internet, service list information is acquired from an ICcard, and set windows and set procedures are personalized for theoperator. The various personalized settings are transmitted togetherwith the image data.

However, although not mentioned in this prior art, the personalizedinformation remains in other image reading apparatuses and causes asecurity problem. To solve this problem, conventionally, the usermanually deletes information remaining on each image reading apparatus.However, this method depends on the user's manual operation, and theuser may forget to delete information in some of a plurality of imagereading apparatuses, leaving the security problem unsolved.

SUMMARY OF THE INVENTION

It is an object of the present invention to provide an apparatus forsuitably deleting information of, e.g., an operation environment that ispersonalized in a given apparatus and handled in another apparatus andremains in it, thereby improving operability and security.

According to one aspect of the present invention, the foregoing problemis solved by providing an information processing apparatus comprising areception unit adapted to receive operation environment information setin another information processing apparatus, a storage unit adapted tostore the operation environment information, an authentication unitadapted to authenticate a user who requests access to the storedoperation environment information, a setting unit adapted to set anoperation environment based on the operation environment information ifauthentication is successful, and an erase unit adapted to erase theoperation environment information from the storage unit on the basis ofa condition after setting by the setting unit.

According to one aspect of the present invention, the foregoing problemis solved by providing an information processing apparatus thattransmits operation environment information to another informationprocessing apparatus, comprising an authentication unit adapted toauthenticate a user, a selection unit adapted to select the otherinformation processing apparatus to be permitted to access theinformation if authentication is successful, an information setting unitadapted to set details of operation environment information access towhich should be permitted for the selected other information processingapparatus, an erase condition setting unit adapted to set a condition toerase the operation environment information and a transmission unitadapted to transmit the operation environment information to the otherinformation processing apparatus selected by the selection unit.

According to one aspect of the present invention, the foregoing problemis solved by providing a method of causing a plurality of informationprocessing apparatuses to share an operation environment, comprising thesteps of receiving operation environment information set in anotherinformation processing apparatus, storing the operation environmentinformation, authenticating a user who requests access to the storedoperation environment information, setting an operation environmentbased on the operation environment information if authentication issuccessful and erasing the operation environment information stored inthe storing step, on the basis of a condition after setting in thesetting step.

According to another aspect of the present invention, the foregoingproblem is solved by providing a method of causing a plurality ofinformation processing apparatuses to share operation environmentinformation, comprising the steps of authenticating a user, selecting aninformation processing apparatus to be permitted to access managedoperation environment information if authentication is successful,setting details of operation environment information access to whichshould be permitted for the selected other information processingapparatus, setting a condition to erase the operation environmentinformation and transmitting the operation environment information tothe information processing apparatus selected in the selecting step.

Further features of the present invention will become apparent from thefollowing description of exemplary embodiments (with reference to theattached drawings).

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram showing the detailed arrangement of an imagereading apparatus in an information processing system according to anembodiment of the present invention;

FIG. 2 is a view showing the outer arrangement of an operation unit 112of the image reading apparatus shown in FIG. 1;

FIG. 3 is a block diagram showing the detailed arrangement of theoperation unit 112 and an operation unit I/F 106 of the image readingapparatus shown in FIG. 1;

FIG. 4 is a block diagram showing the functional arrangement to processset data which is stored in an HDD 104 in the image reading apparatusshown in FIG. 1 and related to access permission executed by a CPU 101;

FIG. 5 is a view showing a user authentication window 501 as an exampleof a window for user authentication of an original image readingapparatus;

FIG. 6 is a view showing a management menu 601 as an example of a menuwindow of remote access permission of the original image readingapparatus;

FIG. 7 is a view showing a remote access permission menu window 701 asan example of a remote access permission setting start window of theoriginal image reading apparatus;

FIG. 8 is a view showing an example of a device selection list window801 of the original image reading apparatus;

FIG. 9 is a view showing an example of a customized information settinglist window 901 of the original image reading apparatus;

FIG. 10 is a view showing an example of a security rule set window 1001of the original image reading apparatus;

FIG. 11 is a view showing an example of an access permission key issuewindow 1101 of the original image reading apparatus;

FIG. 12 is a view showing an example of an access permissionauthentication window 1201 of a remote image reading apparatus;

FIG. 13 is a view showing a dialogue 1301 displayed when accesspermission authentication has failed on the window shown in FIG. 12;

FIG. 14 is a view showing an example of a copy initial window 1401 ofthe remote image reading apparatus;

FIG. 15 is a view showing an example of a copy window 1501 of the remoteimage reading apparatus, i.e., an example of a window developed from thecopy initial window shown in FIG. 14;

FIG. 16 is a view showing a “copy in progress” window 1601 of the remoteimage reading apparatus, i.e., an example of a window displayed whencopy processing is actually being executed from the copy window;

FIG. 17 is a view showing a box list window 1701 of the remote imagereading apparatus, i.e., an example of a box initial window displayedwhen the original apparatus permits access;

FIG. 18 is a view showing a file list window 1801 in a box of the remoteimage reading apparatus, i.e., an example of a window that lists filesin a box;

FIG. 19 is a view showing a file print window 1901 in the box of theremote image reading apparatus, i.e., an example of a window before adocument is selected from the file list window 1801 in the box andprinted;

FIG. 20 is a view showing an example of a “print in progress” window2001 of the remote image reading apparatus;

FIG. 21 is a view showing a send window 2101 of the remote image readingapparatus, i.e., an example of a send initial window displayed whenaccess is permitted;

FIG. 22 is a view showing an example of a window 2201 that displays ane-mail address table of the remote image reading apparatus;

FIG. 23 is a view showing an example of a window 2301 that displays thein-progress state of e-mail send of the remote image reading apparatus;

FIG. 24 is a view showing an example of the copy initial window 1401 ofthe remote image reading apparatus;

FIG. 25 is a view showing an example of the box initial window 1701 ofthe remote image reading apparatus;

FIG. 26 is a view showing an example of the send initial window 2101 ofthe remote image reading apparatus;

FIG. 27 is a view schematically showing an example of the structure ofuser information 402;

FIG. 28 is a view schematically showing an example of the structure ofbox information 403;

FIG. 29 is a view schematically showing an example of the structure ofbox document information 404;

FIG. 30 is a view schematically showing an example of the structure ofaddress table information 405;

FIG. 31 is a view schematically showing an example of the structure ofdevice information 406;

FIG. 32 is a view schematically showing an example of the structure ofcustomized information 407;

FIG. 33 is a view schematically showing an example of the structure ofsecurity information 408;

FIG. 34 is a view schematically showing an example of the structure ofaccess permission information 409;

FIG. 35 is a flowchart for explaining an operation of causing the“original” image reading apparatus to set access information permissionfrom the remote” image reading apparatus;

FIG. 36 is a flowchart for explaining processing procedures usingaccess-permitted information in a “remote” image reading apparatus 3802;

FIG. 37 is a flowchart for explaining details of processing in stepS3607 of the flowchart in FIG. 36; and

FIG. 38 is a view for explaining the outline of processing in aninformation processing system comprising the image reading apparatusaccording to an embodiment of the present invention.

DESCRIPTION OF THE EMBODIMENTS

A preferred embodiment of the present invention will now be described indetail with reference to the drawings. It should be noted that therelative arrangement of the components, the numerical expressions andnumerical values set forth in these embodiments do not limit the scopeof the present invention unless it is specifically stated otherwise.

In this embodiment, an information processing system in which aplurality of information processing apparatuses are connected on anetwork such as the Internet or a LAN, as shown in FIG. 38, will bedescribed. In the following embodiment, an image reading apparatus willbe exemplified as an information processing apparatus. Instead, adigital multifunctional peripheral (MFP) may also be used.

FIG. 1 is a block diagram showing the detailed arrangement of an imagereading apparatus in an information processing system according to anembodiment of the present invention.

The image reading apparatus according to this embodiment comprises acontroller unit 100, as shown in FIG. 1. The controller unit 100inputs/outputs image information and device information by connecting ascanner 170 serving as an image input device and a printer 195 servingas an image output device and also a LAN 111 and a public line (WAN)151.

The controller unit 100 comprises a CPU 101 to control the overallapparatus, and a RAM 102 that provides the work area of the CPU 101 andtemporarily stores image data. The controller unit 100 also comprises aROM 103 to store a boot program, and an HDD (hard disk device) 104 thatstores application programs such as a system program and image data.

In addition to the ROM 103, RAM 102, and HDD 104, a VRAM 105, operationunit I/F 106, image bus 109, network I/F 110, and modem 150 areconnected to the CPU 101 through a system bus 107. The VRAM 105 is amemory to store an operation unit display image that is generated by theCPU 101 and displayed on an operation unit 112. The operation unit I/F106 serving as an interface to the operation unit (UI) 112 outputs, tothe operation unit 112, image data that is stored in the VRAM 105 andshould be displayed on the operation unit 112. The operation unit 112transfers information input by the user to the CPU 101. The network I/F110 is connected to the LAN 111 to input/output information through theLAN 111. The modem 150 is connected to the public line 151 toinput/output information through the public line 151.

The image bus 109 is a bus bridge that converts a data structure byconnecting the system bus 107 to an image bus 108 to transfer image dataat a high speed. The image bus 108 is formed from a PCI bus or IEEE1394.A raster image processor (RIP) 160, device I/F 120, scanner imageprocessing unit 180, printer image processing unit 190, image rotatingunit 130, and image compression unit 140 are connected to the image bus108.

The raster image processor 160 rasterizes a PDL code to a bitmap image.The device I/F 120 is an interface to connect the scanner 170 andprinter 195 serving as image input/output devices to the controller unit100 and converts the synchronous/asynchronous system of image data. Thedevice I/F 120 and scanner 170 are connected through a scanner interface171. The device I/F 120 and printer 195 are connected through a printerinterface 196. The scanner image processing unit 180 corrects,manipulates, and edits input image data. The printer image processingunit 190 executes printer correction and resolution conversion for printoutput image data. The image rotating unit 130 rotates image data. Theimage compression unit 140 compresses multivalued image data by JPEG andbinary image data by JBIG, MMR, or MH and decompresses image data.

The arrangement of the operation unit 112 will be described next withreference to FIGS. 2 and 3. FIG. 2 is a view showing the outerarrangement of the operation unit 112. FIG. 3 is a block diagram showingthe detailed arrangement of the operation unit 112 and operation unitI/F 106.

As shown in FIG. 2, the operation unit 112 has an LCD display unit 202with a touch panel 201 bonded on it. The LCD display unit 202 displaysthe system operation window and software keys. When the portion of adisplayed key is pressed, the LCD display unit 202 transmits theposition information to the CPU 101. The operation unit 112 has variouskinds of hardware keys. The hardware keys include a start key 203, stopkey 204, reset key 205, ten-key pad 206, clear key 207, ID key 208,guide key 209, user mode key 210, counter key 211, power saving key 212,and power key 213.

The start key 203 is used to, e.g., start a document image readingoperation. The start key 203 has a 2-color LED 215 of red and green atits central portion to indicate by the color whether the start key 203is valid/invalid. The stop key 204 acts to stop an operation inprogress. The reset key 205 is used to initialize the settings of theoperation unit 112. The ten-key pad 206 is used to input a numericalvalue and includes number keys of 0 to 9. The clear key 207 is used toclear an input numerical value. The ID key 208 is used by the user toinput a user ID.

The guide key 209 is used to display help for setting and input method.The user mode key 210 is used to do special setting or detailed settingof the operation of the apparatus. The counter key 211 is used toconfirm the number of paper sheets printed by the apparatus. The powersaving key 212 is used to make the apparatus stand by and reduce powerconsumption. The power key 213 turns on/off the apparatus.

The operation unit 112 also has tally lamps 216 and 217 that blink orlight up when the apparatus is operating or has an error. A power lamp218 is provided on the operation unit 112. The power lamp 218 lights upwhen the apparatus is powered on by the power key 213.

As shown in FIG. 3, the operation unit I/F 106 has an input devicecontroller 301 and an output device controller 302. The input devicecontroller 301 receives a user input from the touch panel 201 and a keygroup 220 (hardware keys 203 to 213) of the operation unit 112 andtransfer, to the CPU 101, the received user input as operation contents.The CPU 101 generates display window data on the basis of the inputoperation contents and a control program (to be described later withreference to the flowchart in FIG. 8) stored in the HDD 104. Thegenerated window data is temporarily stored in the VRAM 105 and outputto the LCD 202 through the output device controller 302 of the operationunit I/F 106.

The CPU 101 supplies a control signal to the output device controller302 in accordance with the control program on the basis of a user inputor device state. The output device controller 302 turns on/off the LEDs215 to 218 included in the LED group 203.

FIG. 4 is a block diagram showing the functional arrangement to processset data which is stored in the HDD 104 in the image reading apparatusshown in FIG. 1 and related to access permission executed by the CPU101. FIG. 4 shows the essential functions of the image reading apparatusshown in FIG. 1, with which a plurality of image reading apparatusesoperate in cooperation with each other.

This functional arrangement is obtained by causing the CPU 101 toexecute the control program stored in the HDD 104. With this functionalarrangement, processing corresponding to procedures shown in FIGS. 35,36, and 37 is executed.

A control unit 401 controls the overall apparatus on the basis of theprogram stored in the HDD 104 and executes various kinds of processingon the basis of contents set from the operation unit 112.

User information 402 stores information to specify the user of the imagereading apparatus. Box information 403 stores information about documentstorage one-layer folders (to be referred to as “boxes” hereinafter)stored in the image reading apparatus. Box document information 404stores information about documents stored in each box of the boxinformation 403. Address table information 405 stores information aboute-mail addresses. Device information 406 stores information aboutdevices connected by the LAN 111.

Customized information 407 stores information with access permissionfrom a specific image reading apparatus to another image readingapparatus and information about the state. If information with accesspermission from a specific image reading apparatus to another imagereading apparatus is present, security information 408 storesinformation about a method of deleting the information. Accessinformation 409 stores information about keys for access permission froma specific image reading apparatus to another image reading apparatus.

A series of processing operations according to this embodiment will bedescribed next with reference to window examples in FIGS. 5 to 26 whichare displayed on the LCD 202. The processing is roughly divided into twoflows.

The first processing uses the windows shown in FIGS. 5 to 11. FIGS. 5 to11 show windows (to be referred to as an access permission set windowgroup in an “original” image reading apparatus hereinafter) to executesetting for permitting a remote device to access information. Thewindows shown in FIGS. 5 to 11 are merely examples.

The second processing uses the windows shown in FIGS. 12 to 26. FIGS. 12to 26 show windows (to be referred to as a use window group in a“remote” image reading apparatus hereinafter) to be used when aninformation access permission is acquired from the remote image readingapparatus. The windows shown in FIGS. 12 to 26 are examples.

Each window of the access permission set window group in the “original”image reading apparatus will be described first with reference to FIGS.5 to 11. As a supplementary explanation for parts irrelevant to thespirit of the present invention, a description of software keys,buttons, list boxes, and messages in some windows will be omitted.

FIG. 5 is a view showing a user authentication window 501 as an exampleof a window for user authentication of an original image readingapparatus. The window shown in FIG. 5 has a user ID key 502 and apassword key 503 as software keys. The window also has a user ID inputfield 504 and a password input field 505 as input fields. The userinputs the user ID and password to the fields and presses the ID key208. Then, user authentication is executed.

FIG. 6 is a view showing a management menu 601 as an example of a menuwindow of remote access permission of the original image readingapparatus. Only a remote access permission key 602 as a software keyrelated to the present invention will be explained here, and adescription of irrelevant software keys will be omitted. When the userpresses the remote access permission key 602, display changes to thewindow shown in FIG. 7.

FIG. 7 is a view showing a remote access permission menu window 701 asan example of a remote access permission setting start window of theoriginal image reading apparatus. The remote access permission menuwindow 701 shown in FIG. 7 is an example of a window before change tothe menus shown in FIGS. 8, 9, and 10. Software keys include a remoteaccess permission set key 702 and a “close” key 703. When the userpresses the remote access permission set key 702, display changes to thewindow shown in FIG. 8. On the other hand, when the user presses the“close” key 703, display returns to the window shown in FIG. 6.

FIG. 8 is a view showing an example of a device selection list window801 of the original image reading apparatus. The device selection listwindow 801 shown in FIG. 8 is an example of a window to make the userselect a device to permit access. This window has a device selectionlist 802 as a list and a domain search key 803, group search key 804,network-connected device search key 805, “cancel setting” key 806,“return” key 807, and “next” key 808 as software keys. The domain searchkey 803 extracts and displays only devices set in a domain in the list.The group search key 804 extracts and displays only devices set in agroup in the list. The network-connected device search key 805 extractsand displays devices connected to the Internet. The “cancel setting” key806 cancels settings on this window and changes display to theprecedingly displayed window. The “return” key 807 changes display tothe previous window. The “next” key 808 changes display to the windowshown in FIG. 9. In the device selection list 802, one or a plurality ofdevices can be selected.

FIG. 9 is a view showing an example of a customized information settinglist window 901 of the original image reading apparatus. The customizedinformation setting list window 901 shown in FIG. 9 is an example of awindow to set information for access permission from a remote imagereading apparatus. This window has, as software keys, a box set key 902,address table set key 903, fixed operation button set key 904, one-touchbutton set key 905, mode memory set key 906, “cancel setting” key 907,“return” key 908, and “next” key 909.

Access permission of each item of the keys 902 to 906 can be set to ONor OFF. The “cancel setting” key 907 cancels settings on this window andchanges display to the precedingly displayed window. The “return” key908 changes display to the previous window. The “next” key 909 changesdisplay to the window shown in FIG. 10. Even an item that is notdisplayed on this window can also be displayed on this window andselected if the item is customizable by the user and enables accesspermission from a remote site.

FIG. 10 is a view showing an example of a security rule set window 1001of the original image reading apparatus. The security rule set window1001 shown in FIG. 10 is an example of a window to set how to handleinformation in FIG. 9 (to be referred to as a “security rule”hereinafter) on the device set in FIG. 8 in the remote image readingapparatus.

Software keys include an “erase upon logout” key 1002, “erase afterpredetermined time” key 1003, “cancel setting” key 1005, “return” key1006, an “OK” key 1007. The window also has a time input field 1004 asan input field. In this window, whether to automatically eraseinformation upon logout can be selected by pressing the “erase uponlogout” key 1002. Alternatively, whether to automatically eraseinformation after a predetermined time can be selected by pressing the“erase after predetermined time” key 1003 and inputting a time to theinput field. When the “cancel setting” key 1005 is pressed, settings onthis window are canceled, and display returns to the precedinglydisplayed window. When the “return” key 1006 is pressed, display returnsto the previous window. When the “determine” key is pressed, items seton the windows shown in FIGS. 8, 9, and 10 are determined and saved inthe original image reading apparatus. In addition, the window shown inFIG. 11 is displayed.

In this embodiment, the erase timing upon logout and the erase timingafter the elapse of predetermined time have been described as examples.However, any other timing such as automatic erase after the elapse of apredetermined number of days can also be set if the timing allowsautomatic erase.

An example of a window to issue an access permission key in FIG. 11 willbe described next. FIG. 11 is a view showing an example of an accesspermission key issue window 1101 of the original image readingapparatus. The access key display window 1101 is a dialogue thatdisplays a key to permit access from a “remote” image reading apparatus.When an OK key 1102 as a software key is pressed, the window closes, anddisplay changes to the window shown in FIG. 6. The access key displayedon this window is transmitted to the device permitted to access.

The access permission set window group in the original image readingapparatus has been described above.

Each window of the use window group in the “remote” image readingapparatus will be described next with reference to FIGS. 12 to 26. Thesupplementary explanation is the same as that for the use window groupin the “original” image reading apparatus.

Before displaying the window shown in FIG. 12, the user authenticationwindow 501 is displayed even in the “remote” image reading apparatus toexecute user authentication. FIG. 12 is a view showing an example of anaccess permission authentication window 1201 of the remote image readingapparatus. FIG. 12 shows an example of a window to executeauthentication to acquire information with access permission from the“original” image reading apparatus. The window has a user ID key 1202,password 1203, access permission key 1204, cancel key 1208, and OK key1209 as software keys. The window ha a user ID input field 1205,password input field 1206, and access permission input field 1207 asinput fields.

As the authentication method, the user ID input field 1205 receivesinput of the user ID obtained in FIG. 5. The password input field 1206receives input of the password obtained in FIG. 5. The access permissioninput field 1207 receives input of the access permission key shown onthe window 1101. When the OK key 1209 is pressed, user authentication ofthe original image reading apparatus and authentication of the accesspermission key are executed. When the cancel key 1208 is pressed,display changes to one of the windows shown in FIGS. 23 to 25 which isset as an initial display window without adding access-permittedinformation.

FIG. 13 is a view showing a dialogue 1301 displayed when accesspermission authentication has failed on the window shown in FIG. 12.When an OK key 1302 as a software key is pressed, display changes to theaccess permission key input window 1201. Access permission is impossiblenot only in case of mismatch of the access permission key but also,e.g., when the “original” image reading apparatus stops accesspermission. In this case, a dialogue like the dialogue 1301 is displayedto present a message indicating that access permission is impossible.

FIG. 14 is a view showing an example of a copy initial window 1401 ofthe remote image reading apparatus. FIG. 14 shows an example of a copyinitial window displayed when the original image reading apparatuspermits access. As software keys, preset keys 1402 and 1403 aredisplayed. When the user registers print setting conditions in advancein a preset key displayed on the copy window, he/she can easily utilizethe complex print conditions any number of times. In this embodiment,setting is done such that a copy window 1501 shown in FIG. 15 isdisplayed by pressing the preset key 1402.

FIG. 15 is a view showing an example of the copy window 1501 of theremote image reading apparatus, i.e., an example of a window developedfrom the copy initial window in FIG. 14. This window is displayed whenthe preset key 1402 is pressed, as described above. On this window,setting is done to execute copy from “double-sided” to “double-sided” inprinting and print the print date on the lower side of the printeddocument.

FIG. 16 is a view showing a “copy in progress” window 1601 of the remoteimage reading apparatus, i.e., an example of a window displayed whencopy processing is actually being executed from the copy window. Adialogue to indicate the number of printed sheets, the number of copies,and the print status in actual copy is displayed on the “copy inprogress” window 1601.

FIG. 17 is a view showing a box list window 1701 of the remote imagereading apparatus, i.e., an example of a box initial window displayedwhen the original apparatus permits access. A box has the function of aone-layer folder capable of storing files. A box list 1702 shows thelist of boxes. As software keys, box keys 1703 and 1704 to display thebox number 00 are displayed. Referring to FIG. 17, the box keys 1703 and1704 indicate that the boxes store access-permitted information.

FIG. 18 is a view showing a file list window 1801 in a box of the remoteimage reading apparatus, i.e., an example of a window that lists filesin a box. A file list 1802 shows the list of files. In the file list1802, one or a plurality of files can be selected. In the window exampleof this embodiment, a document titled “20050603 Proceedings” is selectedfrom the file list 1802, and a print key 1803 as a software key ispressed to display a print start window. A red mark in the file listwindow 1801 indicates that access-permitted information is stored.

FIG. 19 is a view showing a file print window 1901 in the box of theremote image reading apparatus, i.e., an example of a window before adocument is selected from the file list window 1801 in the box andprinted. To start print on the file print window 1901 in the box, theuser presses a print start key 1902 as a software key. Then, printstarts.

FIG. 20 is a view showing an example of a “print in progress” window2001 of the remote image reading apparatus. A dialogue to indicate thenumber of printed sheets, the number of copies, and the print status inprint is displayed on this window.

FIG. 21 is a view showing a send window 2101 of the remote image readingapparatus, i.e., an example of a send initial window displayed whenaccess is permitted. On the send window 2101 in FIG. 21, mail andfacsimile send is possible. An address table key 2102 as a software keyto display a window 2201 that displays an e-mail address table (to bedescribed later).

FIG. 22 is a view showing an example of the window 2201 that displays ane-mail address table of the remote image reading apparatus. A list box2203 displays members belonging to the address table.

FIG. 23 is a view showing an example of a window 2301 that displays thein-progress state of e-mail send of the remote image reading apparatus.Pieces of information including the page, reading size, and readingdensity are displayed on the window.

FIG. 24 is a view showing an example of the copy initial window 1401 ofthe remote image reading apparatus. FIG. 24 shows an example of the copyinitial window displayed when access information acquisition has failed.The layout is the same as in FIG. 14.

FIG. 25 is a view showing an example of the box initial window 1701 ofthe remote image reading apparatus. FIG. 25 shows an example of the boxinitial 5 window displayed when access information acquisition hasfailed. The layout is the same as in FIG. 17.

FIG. 26 is a view showing an example of the send initial window 2101 ofthe remote image reading apparatus. FIG. 26 shows an example of the sendinitial window displayed when access information acquisition has failed.The layout is the same as in FIG. 21.

The use window group in the “remote” image reading apparatus has beendescribed above with reference to FIGS. 12 to 26.

The structures of piece of information necessary in this embodiment willbe described next schematically with reference to FIGS. 27 to 34.

FIG. 27 is a view schematically showing an example of the structure ofthe user information 402. Referring to FIG. 27, user information 2701 isdata used on the user authentication window shown in FIG. 5. A systemuser ID 2702 is the identifier of internal data of user information. Auser ID 2703 stores an ID to specify a user. A password 2704 stores apassword to be used to authenticate a user ID.

FIG. 28 is a view schematically showing an example of the structure ofthe box information 403. Referring to FIG. 28, box information 2801 isbox information displayed on the window shown in FIG. 17. A box number2802 is the identifier of a box. A system user ID 2803 is data tospecify a user who holds a box. A box name 2804 stores the name of abox. A use amount 2805 stores the data of the use amount of a box.

FIG. 29 is a view schematically showing an example of the structure ofthe box document information 404. Referring to FIG. 29, box documentinformation 2901 is information of a box document displayed on thewindow shown in FIG. 18. A box number 2902 is the identifier of a box. Areceipt number 2903 is the identifier of a box document. A document name2904 store the name of a box document. A paper size 2905 stores a papersize. A page 2906 stores a page. A date/time 2907 stores a date/time.

FIG. 30 is a view schematically showing an example of the structure ofthe address table information 405. Referring to FIG. 30, address tableinformation 3001 is information of an address table displayed in FIG.22. An address number 3002 is the identifier of an address table. Anaddress Gr 3003 is the identifier of a group to which an address tablebelongs. A name 3004 stores the name of an address. An address 3005stores an e-mail address.

FIG. 31 is a view schematically showing an example of the structure ofthe device information 406. Referring to FIG. 31, device information3101 is device information displayed in FIG. 8. A device number 3102 isthe identifier of a device. A device name 3103 stores a device name. Agroup number 3104 stores the group number of a device. A domain number3105 stores the domain number of a device. An IP address 3106 stores theIP address of a device. A security ID 3107 stores the identifier ofassociated security information.

FIG. 32 is a view schematically showing an example of the structure ofthe customized information 407. Referring to FIG. 32, customizedinformation 3201 is information displayed in FIG. 9 to set accesspermission. A system user ID 3202 is an identifier to specify a user whoholds this information. A security ID 3203 is an identifier to specifysecurity information associated with this information. A customized ID3204 is the identifier of customized information settable for aplurality of devise. A display order 3205 stores the display order ofwindows. A customization type 3206 stores the type of customizableinformation. A customization state 3207 stores information representingwhether to permit access.

FIG. 33 is a view schematically showing an example of the structure ofthe security information 408. Referring to FIG. 33, security information3301 is information about security which is displayed and set in FIG.10. A system user ID 3302 is an identifier to specify a user who holdsthis information. A security ID 3303 is an identifier to specifysecurity information. A security type 3304 stores a type of how to eraseinformation. An erase time 3305 stores a time unit erase.

FIG. 34 is a view schematically showing an example of the structure ofthe access permission information 409. Referring to FIG. 34, accesspermission information 3401 is information about an access permissionkey displayed in FIG. 11. A system user ID 3402 is an identifier tospecify a user who holds this information. A security ID 3403 is anidentifier to specify security information. An access permission key3404 stores an access permission key for access from a “remote” imagereading apparatus. A type 3405 stores data to determine whether theaccess permission has been transmitted or received. A state 3406 is usedto manage the transmission and reception states.

The structures of piece of information necessary in this embodiment havebeen described above schematically with reference to FIGS. 27 to 34.

Two steps according to the embodiment of the present invention will bedescribed next with reference to FIGS. 35 to 38. Of the two steps, thefirst step is a step of causing the “original” image reading apparatusto permit access from a “remote” image reading apparatus. The secondstep is a step of causing the “remote” image reading apparatus toexecute an operation using access-permitted information in the originalimage reading apparatus. FIG. 38 is a view for explaining the outline ofprocessing in an information processing system comprising the imagereading apparatus according to the embodiment of the present invention.Referring to FIG. 38, an original image reading apparatus 3801 and aremote image reading apparatus 3802 are connected to each other througha network 3803. The flowcharts shown in FIGS. 35 to 37 and the systemconfiguration shown in FIG. 38 will be referred to below.

FIG. 35 is a flowchart for explaining an operation of causing the“original” image reading apparatus to set access information permissionfrom the remote” image reading apparatus. The procedures shown in FIG.35 are executed by the control unit 401.

First, when the controller unit 100 in the original image readingapparatus 3801 is activated, the control unit 401 displays the userauthentication window 501 described in FIG. 5 (step S3501). The controlunit 401 executes user authentication (step S3502). User authenticationis done by comparing data input to the user ID input field 504 on theuser authentication window 501 with the user ID 2703 and data input tothe password input field 505 with the password 2704.

If user authentication has been done successfully in step S3502 (YES),the flow advances to step S3503. If user authentication has failed (NO),the flow returns to step S3501 to promote the user to input correct userID and password again.

In step S3503, the management menu 601 is displayed. In step S3504, whenthe remote access permission key 602 on the management menu 601 ispressed, the flow advances to step S3505.

In step S3505, the remote access permission menu 701 is displayed. Instep S3506, when the remote access permission set key 702 on the remoteaccess permission menu 701 is pressed, the flow advances to step S3507.

In step S3507, the device access permission window 801 is displayed. Instep S3508, a device is selected from the device selection list 802 onthe device access permission window 801. When the “next” key 808 ispressed, the device information 3101 is updated, and the flow advancesto step S3509.

In step S3509, the access permission information setting list window 901is displayed. In step S3510, pieces of information to be subjected toaccess permission are set by setting ON/OFF on the access permissioninformation setting list window 901. When the “next” key 909 is pressed,the customized information 3201 is updated, and the flow advances tostep S3511.

In step S3511, the security rule window 1001 is displayed. In stepS3512, the “erase upon logout” key 1002 or the “erase afterpredetermined time” key 1003 and time input field 1004 are set to setautomatic erase on the “remote” image reading apparatus. When the “OK”key 1007 on the security rule window 1001 is pressed, the securityinformation 3301 is updated, the access permission information 3401 isadded, and the flow advances to step S3513.

In step S3513, the access permission key 3404 generated on the basis ofthe access permission information 3401 is displayed on the access keypermission window 1101. In step S3514, the customized information 3201,security information 3301, and access permission information 3401 aretransmitted to a device selected on the basis of the device information3101.

The step of causing the “remote” image reading apparatus 3802 to performan operation using access-permitted information of the “original” imagereading apparatus 3801 will be described next with reference to FIGS. 36and 37.

FIG. 36 is a flowchart for explaining processing procedures usingaccess-permitted information in the “remote” image reading apparatus3802. The processing procedures shown in FIG. 36 are executed by thecontrol unit 401. Processing in steps S3601 and S3602 in the flowchartshown in FIG. 36 is the same as that in steps S3501 and S3502, and adescription thereof will be omitted.

In step S3603, an access permission key is received, and it isdetermined whether reception has successfully been done. If reception issuccessful (YES), access-permitted information is used, and the flowadvances to step S3604. If reception has failed (NO), the flow advancesto step S3607. In this case, it is determined that the access-permittedinformation cannot be received, and the normal initial window of theimage reading apparatus is displayed.

In step S3604, the access permission authentication window 1201 isdisplayed. In step S3605, authentication and acquisition ofaccess-permitted information are executed on the access permissionauthentication window 1201, and it is determined whether authenticationand acquisition have successfully been done. In authenticationprocessing, the user ID and password input in the access permissionauthentication window are compared with data in the “original” imagereading apparatus, and the access permission key is compared with datain the “remote” image reading apparatus.

If authentication has been done successfully (YES), access-permittedinformation is acquired from the “original” image reading apparatus(step S3606). If authentication has failed (NO), the flow advances tostep S3607.

In step S3607, various kinds of processing are executed. Details of theprocessing in step S3607 will be described later with reference to theflowchart in FIG. 37.

After the end of the processing in step S3607, the flow advances to stepS3608. In step S3608, it is determined whether access-permittedinformation is received. If access-permitted information is received(YES), the flow advances to step S3609 to delete the access-permittedinformation. If reception has failed (NO), the processing of thisflowchart is ended.

Details of the processing in step S3607 will be described next. FIG. 37is a flowchart for explaining details of the processing in step S3607 ofthe flowchart in FIG. 36.

First, it is determined whether processing (in this embodiment, one ofcopy, box, and send) to be executed in this flowchart is present (stepS3701). If processing to be executed is present, one of copy, box, andsend is continued. Any other processing may be continued, as a matter ofcourse.

If “YES” is selected, and copy processing is executed, the flow advancesto step S3702. In step S3702, it is determined whether accessinformation is present. If access information is present (YES), the copyinitial window 1401 with added access information is displayed in stepS3703. If no access information is present, a copy initial window 2401without added access information is displayed in step S3704. In stepS3705, copy processing is executed.

If “YES” is selected in step S3701, and box processing is executed, theflow advances to step S3706. In step S3706, it is determined whetheraccess information is present. If access information is present (YES),the box list window 1701 with added access information is displayed instep S3707. If no access information is present (NO), a box initialwindow 2501 without added access information is displayed in step S3708.In step S3709, box processing is executed.

If “YES” is selected in step S3701, and send processing is executed, theflow advances to step S3710. In step S3710, it is determined whetheraccess information is present. If access information is present (YES),the send list window 2101 with added access information is displayed instep S3711. If no access information is present (NO), a send initialwindow 2601 without added access information is displayed in step S3712.In step S3713, send processing is executed.

As described above, in this embodiment, setting information that theuser normally uses on the image reading apparatus 3801 can be used evenin another device (in this embodiment, the image reading apparatus3802). In addition, the information can automatically be erased onanother device. Hence, operability for the user can largely be improved,and operability convenient from the viewpoint of security can beprovided.

As described above, according to this embodiment, information of, e.g.,an operation environment that is personalized in a given apparatus andhandled in another apparatus and remains in it can suitably be deletedso that the operability and security are improved. User information of aspecific image reading apparatus can be used even in another imagereading apparatus. Hence, information that is usable so far only in aspecific image reading apparatus can be used in another image readingapparatus without any cumbersome operation.

According to this embodiment, a mechanism for automatically erasing userinformation developed in another image reading apparatus can be set.With this arrangement, any omission of erase operation that is manuallyexecuted so far can be prevented, and the security can be strengthened.As a result, user information in a specific image reading apparatus canbe used safely in another image reading apparatus. In addition, the userinformation can automatically be deleted from another image readingapparatus after the end of processing. Hence, the cumbersomeness ofconventional user operation can be reduced, and the convenience for theuser and the security can be improved.

While the present invention has been described with reference toexemplary embodiments, it is to be understood that the invention is notlimited to the disclosed exemplary embodiments. The scope of thefollowing claims is to be accorded the broadest interpretation so as toencompass all such modifications and equivalent structures andfunctions.

This application claims the benefit of Japanese Patent Laid-Open No.2005-217395, filed on Jul. 27, 2005, which is hereby incorporated byreference herein in its entirety.

1. An information processing apparatus comprising: a reception unitadapted to receive operation environment information set in anotherinformation processing apparatus; a storage unit adapted to store theoperation environment information; an authentication unit adapted toauthenticate a user who requests access to the stored operationenvironment information; a setting unit adapted to set an operationenvironment based on the operation environment information ifauthentication is successful; and an erase unit adapted to erase theoperation environment information from said storage unit on the basis ofa condition after setting by said setting unit.
 2. The apparatusaccording to claim 1, wherein said erase unit erases the operationenvironment information from said storage unit at one of timings atlogout of the user, after access of the user, and after an elapse of aset time.
 3. The apparatus according to claim 1, wherein the operationenvironment information is set by the user in said other informationprocessing apparatus.
 4. The apparatus according to claim 1, wherein theoperation environment information contains information for accesspermission from a specific information processing apparatus to saidother information processing apparatus.
 5. The apparatus according toclaim 1, wherein said setting unit displays an operation environment setwindow by using the operation environment information in case of accessby a user who has passed authentication by said authentication unit, andan initial window to newly set an operation environment in case ofaccess by a user who has not passed authentication by saidauthentication unit.
 6. The apparatus according to claim 1, furthercomprising a processing unit adapted to execute one of copying, boxprocessing, and sending in an operation environment based on theoperation environment information.
 7. An information processingapparatus that transmits operation environment information to anotherinformation processing apparatus, comprising: an authentication unitadapted to authenticate a user; a selection unit adapted to select saidother information processing apparatus to be permitted to access theinformation if authentication is successful; an information setting unitadapted to set details of operation environment information access towhich should be permitted for said selected other information processingapparatus; an erase condition setting unit adapted to set a condition toerase the operation environment information; and a transmission unitadapted to transmit the operation environment information to said otherinformation processing apparatus selected by said selection unit.
 8. Theapparatus according to claim 7, wherein said erase condition settingunit set one of timings at logout of the user, after access of the user,and after an elapse of a set time.
 9. A method of causing a plurality ofinformation processing apparatuses to share an operation environment,comprising the steps of: receiving operation environment information setin another information processing apparatus; storing the operationenvironment information; authenticating a user who requests access tothe stored operation environment information; setting an operationenvironment based on the operation environment information ifauthentication is successful; and erasing the operation environmentinformation stored in the storing step, on the basis of a conditionafter setting in the setting step.
 10. A method of causing a pluralityof information processing apparatuses to share operation environmentinformation, comprising the steps of: authenticating a user; selectingan information processing apparatus to be permitted to access managedoperation environment information if authentication is successful;setting details of operation environment information access to whichshould be permitted for the selected other information processingapparatus; setting a condition to erase the operation environmentinformation; and transmitting the operation environment information tothe information processing apparatus selected in the selecting step. 11.A program which causes an information processing apparatus to execute amethod of claim 9.